<%@ page import="org.apache.struts.action.Action"%>
<%@page import="com.mbbmap.util.StringUtils"%>
<%@ page import = "java.io.*" %>
<%@ page import = "java.net.*" %>
<%@ page import = "java.text.*" %>
<%@ page import = "java.util.*" %>
<%@ page import = "java.util.Map" %>
<%@ page import = "java.util.HashMap" %>
<%@ page import="com.mbbmap.app.manager.*" %>
<%@ page import="com.mbbmap.app.EbppKeys" %>
<%@ page import="com.mbbmap.util.*" %>
<%@ page import = "com.mbbmap.security.dao.*" %>

<%
String msg = StringUtils.NullSafe((String) request.getAttribute("msg"));
String msg_id = StringUtils.NullSafe((String) request.getAttribute("msg_id"));

String userid = StringUtils.NullSafe((String) request.getAttribute("userid"));
String pass1 = StringUtils.NullSafe((String) request.getAttribute("pass1"));
String pass2 = StringUtils.NullSafe((String) request.getAttribute("pass2"));

boolean showParam = false;
String msgColor = "red";

if (msg_id.equalsIgnoreCase("MSG001") || msg_id.equalsIgnoreCase("MSG002"))
	showParam = true;

if (msg_id.equalsIgnoreCase("MSG999"))
	msgColor = "green";

ArrayList secGroupAccessList2 = (ArrayList) session.getAttribute(Constants.LOGON_ACCESS_LIST);
SecUserDao oSecUserDao = (SecUserDao) session.getAttribute(Constants.LOGGED_USER);
String sUserName = oSecUserDao.getUserName();
String lastLogonDateTime = (String) session.getAttribute(Constants.LAST_LOGON_DATETIME);

String selected = "sec003";
int iSec001 = 0;
int iSec002 = 0;
int iSec003 = 0;
int iSec004 = 0;
int iSec005 = 0;
int iSec006 = 0;
int iSec007 = 0;
int iSec008 = 0;

for(int i=0;i<secGroupAccessList2.size();i++){
	SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList2.get(i);
	String strModuleCode  = secaccessDao.getModuleCode();
	if(strModuleCode.equals("SEC001"))
		iSec001 = 1;
	if(strModuleCode.equals("SEC002"))
		iSec002 = 1;
	if(strModuleCode.equals("SEC003"))
		iSec003 = 1;
	if(strModuleCode.equals("SEC004"))
		iSec004 = 1;
	if(strModuleCode.equals("SEC005"))
		iSec005 = 1;
	if(strModuleCode.equals("SEC006"))
		iSec006 = 1;
	if(strModuleCode.equals("SEC007"))
		iSec007 = 1;
	if(strModuleCode.equals("SEC008"))
		iSec008 = 1;
}


%>



<html>
<head>
<link rel="stylesheet" href="resource/mbb_sec_global.css" type="text/css" />
<link href="resource/style.css" rel="stylesheet" type="text/css">
<script type="text/javascript">
	    window.history.forward();
	    function noBack() { window.history.forward(); }
	</script>
<style type="text/css"></style></head>
<SCRIPT LANGUAGE="JavaScript1.2">
	function getGrpAccess(){
		strGroupCode = document.GetGroupAccessForm.GrpCode[document.GetGroupAccessForm.GrpCode.selectedIndex].value;
		if(strGroupCode==null || strGroupCode==""){
			alert("Please Select Group !");
			return false;
		}
		document.GetGroupAccessForm.selaccessgrp.value = strGroupCode;
		document.GetGroupAccessForm.action='<%=response.encodeURL("UpdateSecAccess.do?dispatch=getGroup")%>';
		document.GetGroupAccessForm.submit();
	}

	function addGrpAccess(){
		strModuleCode = document.AddGroupAccessForm.modCode[document.AddGroupAccessForm.modCode.selectedIndex].value;
		if(strModuleCode==null || strModuleCode==""){
			alert("Please Select Module !");
			return false;
		}
		len = document.AddGroupAccessForm.readaccess.length
		for (i = 0; i <len; i++) {
			if (document.AddGroupAccessForm.readaccess[i].checked) {
				strReadFlag = document.AddGroupAccessForm.readaccess[i].value
			}
		}
		if(strReadFlag==null || strReadFlag==""){
			alert("Please Select Read Access !");
			return false;
		}
		document.AddGroupAccessForm.readflag.value = strReadFlag;
		len = document.AddGroupAccessForm.updateaccess.length
		for (i = 0; i <len; i++) {
			if (document.AddGroupAccessForm.updateaccess[i].checked) {
				strUpdateFlag = document.AddGroupAccessForm.updateaccess[i].value
			}
		}
		if(strUpdateFlag==null || strUpdateFlag==""){
			alert("Please Select Update Access !");
			return false;
		}
		document.AddGroupAccessForm.updateflag.value = strUpdateFlag;
		len = document.AddGroupAccessForm.writeaccess.length
		for (i = 0; i <len; i++) {
			if (document.AddGroupAccessForm.writeaccess[i].checked) {
				strWriteFlag = document.AddGroupAccessForm.writeaccess[i].value
			}
		}
		if(strWriteFlag==null || strWriteFlag==""){
			alert("Please Select Write Access !");
			return false;
		}
		document.AddGroupAccessForm.writeflag.value = strWriteFlag;
		document.AddGroupAccessForm.accessmodule.value = strModuleCode;
		document.AddGroupAccessForm.action='<%=response.encodeURL("UpdateSecAccess.do?dispatch=addGroupAccess")%>';
		document.AddGroupAccessForm.submit();
	}

	function removeAccess(strModuleCode,modulecode){
		if(strModuleCode==null || strModuleCode==""){
			alert("Please enter Module Code");
			return false;
		}
		var msg = "Confirm Delete of "+modulecode;
		
		if (confirm(msg)){
 		document.UpdGroupAccessForm.sremmodule.value = strModuleCode;
		document.UpdGroupAccessForm.action='<%=response.encodeURL("UpdateSecAccess.do?dispatch=remAccess")%>';
		document.UpdGroupAccessForm.submit();
		}
	}
		
	function goToSecModule(){
		window.open("sec/sec_module.jsp","blank","toolbar=no,width=500,height=500,scrollbars=yes,resizable=yes")
	}
</SCRIPT>
</head>
<%
	ArrayList arlSecGroupList = new ArrayList();
	arlSecGroupList = (ArrayList) session.getAttribute(Constants.SECURITY_GROUP);
	ArrayList arlSecModuleList = new ArrayList();
	arlSecModuleList = (ArrayList) session.getAttribute(Constants.SECURITY_MODULE);
	ArrayList secGroupAccessList = new ArrayList();
	secGroupAccessList = (ArrayList) session.getAttribute(Constants.SELECTED_ACCESS_LIST);


	String strESelectedGroup = "";
	String strSelectedGroup = "";
	String strSelectedGroupName = "";
	strESelectedGroup = (String) session.getAttribute(Constants.SELECTED_SEC_GRP);
	if ((strESelectedGroup == null) || (strESelectedGroup.equals(""))){
		strESelectedGroup = "";
		strSelectedGroup = "";
	}else{
		strSelectedGroup = EncryptionHelper.decrypt(strESelectedGroup,ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
	}
	String strGroupCode = "";
	String strSelectedModule = "";
	String strModuleCode = "";
	//strSelectedGroup = "ABC";
%>




<body class="home" onload="noBack();" onpageshow="if (event.persisted) noBack();" onunload="">

	<a name="top"></a>
	
<!-- Header -->
<%@ include file="/jsp/common/Header.jsp" %>	
<!-- End Header -->

<div id="bgWrapper">
		<div id="container">
		
					<div id="titleBar">
						<ul class="topBar">
							<li class="goBackBt"><a href="<%=request.getContextPath()%>/ShowSecurityHome.do?dispatch=init"></a></li>

							<li>
							  <h1>Access Rights</h1></li>
						</ul>
					</div>
		
					<div id="fullcontent">
		
						<!-- Security Navigation -->
						<%@ include file="SecurityNavigation.jsp" %>	
						<!-- End SecurityNavigation -->
			
			
						<div id="contentRightIn">
						
								<!-- Module Title -->
								<table align="center" width=100% border="0" rules="cols" class="tblDetails">
										<thead>
											<tr>
												<th colspan="4">
													<h4>Update Security Access</h4>
												</th>
											</tr>
										</thead>
											
										<tr class="even">
											<td colspan="2" align="center" style="text-align:center !important;">
												Security Module - Update Security Access Rights.
												<p style="font-weight:bold;color: <%=msgColor%> !important;"><%=msg%></p>
											</td>
										</tr>
								</table>
						
								<br />
	
	
								<form name="GetGroupAccessForm" action="" method="post">
									<input type="hidden" name="<%= Constants.TOKEN_KEY %>" value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" >
									<input type="hidden" name="selaccessgrp" value="<%=strESelectedGroup%>">
							
									<table align="center" class="tbldetails" width=100% border="0" rules="cols">
										<thead class="th1">
											<tr>
												<th colspan="3">
													<div class="sectionTableTitle">
														<h2>Security Groups</h2>
													</div>
												</th>
										</thead>
										<tr class="headerD" style="border: thin solid">
											<td width="50%" class="center_note">Group Code</td>
											<td width="40%" class="center_note">
										<select name="GrpCode" size="1">
											<option value=''>Select Group</option>
							<%
											for(int i=0;i<arlSecGroupList.size();i++){
												SecGroupsDao secgroupDao = (SecGroupsDao)arlSecGroupList.get(i);
												if (secgroupDao.getGroupCode().equals(strSelectedGroup)){
													strGroupCode  = EncryptionHelper.encrypt(secgroupDao.getGroupCode(),ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
													strSelectedGroupName = secgroupDao.getGroupName();
													//the selected account will be displayed
							%>
													<option selected value='<%=strGroupCode%>'><%=secgroupDao.getGroupName()%></option>
							<%
												}else{
													strGroupCode  = EncryptionHelper.encrypt(secgroupDao.getGroupCode(),ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
							%>
													<option value='<%=strGroupCode%>'><%=secgroupDao.getGroupName()%></option>
							<%
												}
											}
							%>
												</select>
							
											</td>
											<td width="10%" class="center_note"><input type="button" name="next" value="Get Access" onClick="getGrpAccess()"></input></td>
										</tr>
									</table>
									</form>
									
							<%		if ((strSelectedGroup != null) && (!strSelectedGroup.equals(""))){ %>
								<form name="UpdGroupAccessForm" action="" method="post">
									<input type="hidden" name="<%= Constants.TOKEN_KEY %>" value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" >
									<input type="hidden" name="selaccessgrp" value="<%=strESelectedGroup%>">
									<input type="hidden" name="sremmodule" value="">
									<table align="center" class="tbldetails" width=100% border="0" rules="cols">
										<thead class="th1">
											<tr>
												<th colspan="5">
													<div class="sectionTableTitle">
														<h2>Assigned Module & Rights for Group - <%=strSelectedGroup%> - <%=strSelectedGroupName%></h2>
													</div>
												</th>
										</thead>
										<tr>
											<td clospan="5"><a href="javascript:goToSecModule()">View Security Modules Code</a>
											</td>
										</tr>
										<tr class="headerD" style="border: thin solid">
											<td width="30%" class="center_note">Module Code - Module Name</td>
											<td width="20%" class="center_note">Read Access</td>
											<td width="20%" class="center_note">Update Access</td>
											<td width="20%" class="center_note">Insert / Delete Access</td>
											<td width="10%" class="center_note">Remove</td>
										</tr>
							<%
											String row = "";
											int result;
											for(int i=0;i<secGroupAccessList.size();i++){
												SecAccessDao secaccessDao = (SecAccessDao)secGroupAccessList.get(i);
												String strEModuleCode  = EncryptionHelper.encrypt(secaccessDao.getModuleCode(),ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
							
												result = (i + secGroupAccessList.size()) % 2;
												
												if(result==0)
												{
													row="even";
												}
												else
												{
													row="alt";
												}
							
							
							
							%>
										<tr class="<%=row%>" >
											<td width="30%" class="center_note"><%=secaccessDao.getModuleCode()%> - <%=secaccessDao.getModuleName()%></td>
											<td width="20%" class="center_note">
							<%
											if(secaccessDao.getReadFlag().equals(Constants.SECURITY_CODE_NO)){
							%>
											<%=Constants.SECURITY_VALUE_NO%>
							<%
											}else{
							%>
											<%=Constants.SECURITY_VALUE_YES%>
							<%				}
							%>
											</td>
											<td width="20%" class="center_note">
							<%
											if(secaccessDao.getUpdateFlag().equals(Constants.SECURITY_CODE_NO)){
							%>
											<%=Constants.SECURITY_VALUE_NO%>
							<%
											}else{
							%>
											<%=Constants.SECURITY_VALUE_YES%>
							<%				}
							%>				</td>
											<td width="20%" class="center_note">
							<%
											if(secaccessDao.getWriteFlag().equals(Constants.SECURITY_CODE_NO)){
							%>
											<%=Constants.SECURITY_VALUE_NO%>
							<%
											}else{
							%>
											<%=Constants.SECURITY_VALUE_YES%>
							<%				}
							%>				</td>
											<td width="10%" class="center_note"><a href="#" onclick="removeAccess('<%=strEModuleCode%>','<%=secaccessDao.getModuleCode()%>');overlay();"><font color="#0033cc"><u>Remove</u></font></a></td>
										</tr>
							<%
										}
							%>
									</table>
								</Form>
							<br />

								<form name="AddGroupAccessForm" action="" method="post">
									<input type="hidden" name="<%= Constants.TOKEN_KEY %>" value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" >
									<input type="hidden" name="selaccessgrp" value="<%=strESelectedGroup%>">
									<input type="hidden" name="accessmodule" value="">
									<input type="hidden" name="readflag" value="">
									<input type="hidden" name="updateflag" value="">
									<input type="hidden" name="writeflag" value="">
									<table align="center" class="tbldetails" width=100% border="0" rules="cols">
										<thead class="th1">
											<tr>
												<th colspan="2">
													<div class="sectionTableTitle">
														<h2>Add Access Modules and Assign Rights</h2>
													</div>
												</th>
										</thead>
										<tr class="odd">
											<td width="70%" align="right">01. Select Module</td>
											<td width="30%" align="right">
										<select name="modCode" size="1">
											<option value=''>Select Module</option>
							<%
											for(int i=0;i<arlSecModuleList.size();i++){
												SecModulesDao secmoduleDao = (SecModulesDao)arlSecModuleList.get(i);
												if (secmoduleDao.getmoduleCode().equals(strModuleCode)){
													strModuleCode  = EncryptionHelper.encrypt(secmoduleDao.getmoduleCode(),ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
													//the selected account will be displayed
							%>
													<option selected value='<%=strModuleCode%>'><%=secmoduleDao.getmoduleCode()%> - <%=secmoduleDao.getmoduleName()%></option>
							<%
												}else{
													strModuleCode  = EncryptionHelper.encrypt(secmoduleDao.getmoduleCode(),ConfigManager.getInstance().get(EbppKeys.ENCRYPTION_PASSPHRASE));
							%>
													<option value='<%=strModuleCode%>'><%=secmoduleDao.getmoduleCode()%> - <%=secmoduleDao.getmoduleName()%></option>
							<%
												}
											}
							%>
												</select>
											</td>
										</tr>
										<tr class="even">
											<td  width="50%" align="right">02. Select Read Access</td>
											<td width="50%" align="right">
												<input type="radio" name="readaccess" value="<%=Constants.SECURITY_CODE_NO%>"><%=Constants.SECURITY_VALUE_NO%></input>
												<input type="radio" name="readaccess" value="<%=Constants.SECURITY_CODE_YES%>" CHECKED><%=Constants.SECURITY_VALUE_YES%></input>
											</td>
										</tr>
										<tr class="odd">
											<td width="50%" align="right">03. Select Update Access</td>
											<td width="50%" align="right">
												<input type="radio" name="updateaccess" value="<%=Constants.SECURITY_CODE_NO%>"><%=Constants.SECURITY_VALUE_NO%></input>
												<input type="radio" name="updateaccess" value="<%=Constants.SECURITY_CODE_YES%>" CHECKED><%=Constants.SECURITY_VALUE_YES%></input>
											</td>
										</tr>
										<tr class="even">
											<td width="50%" align="right">04. Select Insert / Delete Access</td>
											<td width="50%" align="right">
												<input type="radio" name="writeaccess" value="<%=Constants.SECURITY_CODE_NO%>"><%=Constants.SECURITY_VALUE_NO%></input>
												<input type="radio" name="writeaccess" value="<%=Constants.SECURITY_CODE_YES%>" CHECKED><%=Constants.SECURITY_VALUE_YES%></input>
											</td>
										</tr>
										<tr class="odd">
											<td width="50%" align="right">&nbsp;</td>
											<td width="50%" align="right"><input type="button" name="next" value="Add" onClick="addGrpAccess()"></input></td>
										</tr>
									</table>
								</Form>
							<%		} %>

							<br />
						
						
							<div id="contentMessage">
								<h3 class="<%=msgColor%>"><%=msg%></h3>
							</div>
							
						</div>
						
					</div>
		
					<!-- Footer -->
					<%@ include file="/jsp/common/Footer.jsp" %>	
					<!-- End Footer -->
					</div>




</body>
</html>
